Ensuring GDPR compliance

We are looking to how to ensure we are GDPR compliant with the handling of our data however this is posing a real issue for us. We collect data of users from another (third party) service and can identify them via their user_id. In the event of a GDPR request we would need to remove all mention of these user_ids.

The main issue is we store snapshots so would be unable to simply delete/modify every doc containing this id (unless there is some way to also remove it from within snapshots?). We have considered instead replacing these ids with fingerprints however we then have the problem of constantly having to manually convert between the fingerprints and user ids any time we want to query this data.

Is there a way Kibana can automatically convert between the fingerprints and underlying user_ids so for example we could directly query using the user_id or have the user_id field show the user_id instead of the fingerprint (even though the underlying data is still the fingerprint)? Or any other solution to be GDPR compliant here without manual conversion?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.